Justin Richer

Internet Security Consultant; Bespoke Engineering
Justin Richer is a security architect, software engineer, standards editor, and systems designer with well over fifteen years of industry experience. He is the lead author of OAuth2 In Action from Manning Publications and contributor to OAuth 2.0 and OpenID Connect. Justin was the editor of the OAuth specifications RFC 7591, 7592, and 7662, and he wrote the pioneering Vectors of Trust (RFC 8485). Justin is a co-author of the US federal Digital Identity Guidelines (NIST SP 800-63). He’s the editor of the HEART specifications as well as contributing editor to UMA 2.0. He is the founder and maintainer of the MITREid Connect open source project through the MIT Internet Trust Consortium and actively contributes to open source implementations. An ardent proponent of open standards and open source, he believes in solving hard problems with the right solution, even if that solution still needs to be invented.

Justin's Sessions


Tuesday, June 25
8:15 - 9:05 am
Lincoln
OAuth 2.0 Master Class - Part 1
(Part 1) An in-depth overview of the OAuth 2 protocol from one of the world's foremost experts. Learn about how the protocol works, why it was built the way that it is, and what it can do. Just as important, learn what its limitations are and what it can't do, along with the ecosystem of technologies that have grown up around it.

Tuesday, June 25
9:15 - 10:05 am
Lincoln
OAuth 2.0 Master Class - Part 2
(Part 2) An in-depth overview of the OAuth 2 protocol from one of the world's foremost experts. Learn about how the protocol works, why it was built the way that it is, and what it can do. Just as important, learn what its limitations are and what it can't do, along with the ecosystem of technologies that have grown up around it.

Tuesday, June 25
10:30 - 11:20 am
Lincoln
OAuth 2.0 Master Class - Part 3
(Part 3) An in-depth overview of the OAuth 2 protocol from one of the world's foremost experts. Learn about how the protocol works, why it was built the way that it is, and what it can do. Just as important, learn what its limitations are and what it can't do, along with the ecosystem of technologies that have grown up around it.

Tuesday, June 25
2:40 - 3:05 pm
Jefferson
Transactional Authorization
Last year, we took a look at what's wrong with OAuth 2. This year, we'll look at some of the directions that technology is moving in, including an in-depth view of transactional authorization built around many of the lessons learned from OAuth 2's deployment.

Enter your details to receive email updates from Identiverse